Update: A warning: Since this article was posted, we reported on the NSA's abilities to break encryption, as well as their secret efforts to weaken encryption standards. These revelations have cast doubt on the effectiveness of using encryption to keep communications private.

What makes choosing good security tools hard is that despite the news, we don’t know what government agencies like the NSA are really doing on their wiretaps and with their court orders. People in the security community call the NSA the “ultimate adversary,” and point to a huge array of ways they could be analyzing and attacking every part of the net and telephony system. They could be able to decrypt everything, and even without breaking encryption, they could be able to look at enough of the internet to determine who is talking to whom just by looking at the timing of conversation. But on the other hand, they might not be able to do any of that, and are trying to project the image of data omniscience to discourage people from even trying to protect their privacy. Parts of the NSA could be pretending to be able to do things it can’t while other parts are doing things more invasive than anyone knows, hidden from oversight. In the end, our questions still exceed our answers, and even the parts we think we know keep changing. The NSA's data collection is a story that will only make sense in hindsight, and we don't know how far from now that perspective is.

While Americans get to have a conversation with their government about whether this is right or wrong, the 95% of the planet the NSA is allowed to surveil without further scrutiny doesn’t get to weigh in at all, nor do the people living in countries whose governments practice widespread Internet surveillance and censorship. That’s billions of people for whom choosing tools for protecting their privacy on the net is simply a question about the technology, not about the law.

The good news is that as we understand more about how surveillance works, it helps the people who create and use secure tools to make better and more informed choices -- even if that choice is simply not minding having their data collected.

There are a lot of ways to talk to people securely on the internet, some are purpose-built to enhance your privacy and security. This is by no means an exhaustive list, but it’s a place to start.

We’ll keep filling out this list over the next few days, so if there’s a piece of software you want us to have a look at, mention them in the comments or e-mail them to us at opensource@propublica.org.

Cryptocat

What does it let you do? Cryptocat is a web-based encrypted text chat for two or more people. It also supports encrypted file transfers up to
5 megabytes in size with end-to-end encryption.

Cryptocat heads up this list of tools because it stands out for good interface and good policies. It's the easiest tool on this list to use, and Cryptocat's creator is transparent about how the software handles your data: It goes through a server run by Cryptocat’s creator, Nadim Kobeissi. Kobeissi wrote a blog post with a table explaining who can see your metadata and messages when you use the service.

To get it, go to crypto.cat, and download the browser plugin. Mac users can also find it as a standalone program in Apple’s App Store. After that, you pick a name for the chatroom and for yourself. Share the chatroom name with whoever you want to talk to, and start chatting. It is hands-down the easiest way to get started with end-to-end encryption, where only you and the person you're talking to can see the message. For more on what end-to-end means, see part one.

What does it replace? Cryptocat replaces unencrypted instant messaging and chatrooms, and has some Facebook- and Google-style group coordination features. It’s sometimes the only option when you don’t have the ability to install software on the computer you’re using.

Cryptocat, like all the tools on this list, go through a third party server. This means the communication is more like making a phone call, (which goes through the phone company) than talking on walkie talkies (which go directly to the other party). All of Cryptocat is Open Source, so if you are up for more of a challenge, you can run a server inside your own network, and your Cryptocat chats, in addition to being end-to-end encrypted, never traverse the open Internet.

This chart covers the kind of information we should all have access to about the software we use. It would be fantastic to see more projects and companies follow Cryptocat’s lead, and tell their users who can see their data.

Jabber with OTR

What does it let you do? Jabber, also called XMPP (thanks for another great name, computer scientists!), isn’t a specific program or service. It’s a protocol, which is a term for an established procedure for doing something on the net. In particular, Jabber is a protocol for text-based chat, also called Instant Messaging, between two people.

OTR (“Off the Record”) is a plug-in that encrypts text chat content so that only you and the person you’re corresponding with can read it.

“Only the actual content of your messages is encrypted with OTR, but usually the XMPP channel is secured with SSL as well,” says Chris Ballinger, creator of Chatsecure, a Jabber client for iOS devices. Ballinger listed some of the metadata that is visible if your service doesn’t use SSL, which is separate from OTR message encryption. (Again, see part one for details.) Ballinger's list included:

When you started or stopped typing

Your availability

Your status messages

When you send or received a message

The sender and recipient of each message (full Jabber ID)

Your buddy list

A constant stream of your buddies status updates.

What does it replace? It can replace SMS on phones, or IM and Facebook Chat online. Unlike proprietary services like Facebook Chat and Google Hangouts, Jabber lets you talk to anyone who also speaks Jabber, even if they’re not using the same service you are.

The Jabber protocol isn’t itself secure or private, though most Jabber services will use SSL to encrypt your traffic. With OTR, which is built into some clients and is a separate add-on for others, you can encrypt your messages so that even the Jabber server can’t read them; only the person you’re talking to can. OTR is one of the easiest forms of encryption. All you need is an OTR-capable chat program.

Jabber Clients

Chatsecure for iOS Devices

By default, Chatsecure tries to use SSL to talk to your Jabber server, but it can switch off SSL. The advanced options allow you to "Force TLS," which is another name for SSL.

Gibberbot for Android devices

The creator of Gibberbot, the Guardian Project, specifically makes software for people who need security. Using the software can be difficult, but it doesn’t let you make too many mistakes. Gibberbot won’t connect to a server without using SSL. Gibberbot can also be used with Tor, which we’ll come to in a bit.

Pidgin for Windows/Linux; Adium for Mac OS X

You download Pidgin for Windows and Linux from pidgin.im and Adium for Mac OS X from adium.im.

While they’re easy to use and also interoperate well with services like Facebook Chat and AIM as well as Jabber, these programs might not be secure by default, so you should check your settings. In both of them you have to hunt through menus to “edit” or “modify” your Jabber account. On Pidgin, SSL is under the “Advanced” menu as "Require encryption" inside the accounts screen and may already be enabled. On Adium, it’s under “Options” as "Require SSL/TLS." You have to enable SSL to be sure you're using it.

You’ll also want to make absolutely sure that logging is turned off, as logs are stored on your computer unencrypted. Also, in some cases, like Pidgin your Jabber password is stored in a plain text file on your computer. This is why if you're a target, (which this tutorial assumes you are not) your computer is often your weakest point, not your communications.

A Note on Jabber Services

If you want to use the Jabber protocol you need to use a service that supports it. There are a lot of Jabber services out there, some better than others. Services like Dukgo.com and Jabber.ccc.de(in German) have explicit policies about when they do and don’t cooperate with governments. Jabber gains some of its privacy protections from being decentralized (as opposed to, say, Google, AOL, Facebook, etc.) but that puts more burden on you to research your provider. XMPP.net maintains a list of Jabber servers that are open to use, listing their jurisdiction and what SSL certificate they use. It’s a good starting point, but it’s up to you to look at a prospective service’s website or ask them about their privacy policy.

Silent Circle

What does it let you do?Silent Circle is a commercial service that lets you text chat and make calls over your phone and video chat on Windows with end-to-end encryption and SSL. Silent Text supports encrypted file
transfer up to 100 megabytes with end-to-end encryption.

Silent Circle has the benefit of being purpose-built for security, and a lot of thought has gone into its design, making it easy to use. It’s got some drawbacks: It’s centralized, it’s closed-source and it costs money, which means the people running it need to know your real identity for you to use it. At the cheapest level, Silent Circle can be had right now for $10 a month with an annual subscription. You can only use some features with other Silent Circle subscribers.

What does it replace? Silent Circle replaces regular phone calls and text messages, small scale file sharing and email attachments on iPhone, and Skype for Windows. (Other operating systems are under development at this time)

Using a service like Silent Circle exposes one very important piece of data: That you are someone concerned enough about security to pay for it. That bit of consumer behavior that sends a strong political message, but it may also give the impression to attackers, state or otherwise, that you feel you have something worth attacking -- more so than the other services listed here.

Silent Circle also has an email offering, but like all encrypted email, it leaks metadata.

Tor

What does it let you do?Tor does one simple and important thing: It hides your IP address.

Tor is completely separate from encryption. It doesn’t encrypt your metadata on the open Internet via SSL. It doesn’t know whether or not you’re encrypting your messages. But your IP address is one of the hardest to mask and most personally identifying pieces of metadata there is on the net. As a result, Tor is used for anonymous speech and censorship evasion around the world. How Tor works.

What does it replace? Services called VPNs, or Virtual Private Networks, hide your IP and data from the wider internet by passing it through a encrypted private network. Tor duplicates one function of a VPN, but in a decentralized way. Rather than a single encrypted private network, Tor piggybacks your internet connection through a bunch of network connections run by volunteers. As far as the experts know, nobody can reliably record all Tor traffic, nor know the real origin of any internet connection.

Tor is the hardest tool to use on this list, but what it does is very powerful. Be prepared to give this one a little time. There's plenty of documentation to help you along.

Tor Clients

The Tor Browser Bundle for Windows, Mac OS X and Linux

The Tor browser bundle makes using Tor much easier. It comes with the Tor system, called Vidalia, and a Tor browser (based on Firefox) set up to use it. You can put Vidalia together with any other application on this list to hide your IP, even from the service you’re using.

Orbot and Orweb for Android

Orbot is the Guardian Project’s cellphone-sized version of Vidalia. Orweb is a Tor browser for your phone. Orbot can route any Android application with options for setting a “proxy server” through Tor, hiding your IP. For instance, it works with the Twitter app. Despite the first message you see, you don’t have to “root” your phone to use it; ignore that message.

The Onion Browser for iOS

Onion Browser is a Tor-powered web browser for iOS devices, written by Mike Tigas, who currently works at ProPublica as its Knight-Mozilla OpenNews Fellow. Onion Browser allows you to use the web over Tor without having to jailbreak your iPhone or iPad. Like Tor Browser Bundle and Orweb, your traffic is encrypted and anonymized. Unlike the others, Onion Browser is a standalone app and cannot proxy traffic for other apps on your device.

Message Encryption Applications

(PGP, GNU Privacy Guard, Enigmail, Redphone, TextSecure)

Like the rest of us, cryptographers are only human. For many years they
worked hard to make ways to send encrypted messages that were (and are)
essentially unbreakable. This continues through today, with software
that uses newer and stronger math for encrypting message data. It's
interesting and admirable work -- but for all that effort put into
message data, many of these programs and methods do nothing to protect
your metadata at all. It's as plain as it is in an unencrypted message.
The mass surveillance we've seen come out is confusing, but the lack of
legal protections on metadata has been consistent. That means that for
the purposes of mass surveillance via metadata, these applications give
you no additional protection. (For more on the difference between
encrypting metadata vs. encrypting messages, see part one)

While these applications still expose you to the some of the kinds of analysis the NSA and other agencies are doing, they are still very
good if you're worried about keeping your messages private. To learn
more about these and others, have a look at Security in Box which is a much
more comprehensive tutorial, focused on resisting targeted attacks.

So Many Tools, So Little Room.

There are many tools we haven't discussed here. Some, like Jitsi (Voice-Over-IP audio and video calls), because it's still too hard for the average user. Others, like PGP for email, because it doesn't address the issue of mass metadata surveillance that is the focus of this article. And still others, like Wickr for iOS, because I just don’t have the room. But you can have fun with it: These services and many other out there do a great job of encrypting your messages and your metadata, and put you back in control of who gets to watch you on your networks.

This can all seem overwhelming, but learning even one tool makes the next one much easier to understand conceptually. These tools will get easier for everyone with time and development. The internet has, throughout its history, responded to threats by toughening up; threats change and the Internet evolves with it. It’s an ecology as much as a network, a wild place, sometimes a forest, sometimes a swamp. It’s early days, but the internet is where we live more and more of our lives, and as we get a sense of it, living there safely will become a normal part of life.

“The news this week makes a lot of people feel helpless,” said Abel Luck, one of the Guardian Project developers. “There’s a war on privacy on, and every time you use a bit of cryptography, you’re winning.”

Why is it that people don’t seem to get that this technology is programmed by people and those same, especially the ones gifted to understand better then others, can manipulate the programs, software, hardware, everything to do with this anyway they deem needs to be done for their own goals!! Not to mention any that are disgruntled labor getting no respect who throw in a glitch or two as they develope the software program needs.
Like the technology that does more and more manufacturing, programmed by techies that aren’t trades workers building experience and what’s manufactured is not by humans hands and eyes and more, causing recalls in the tens of thousands and not just an occasional lemon product or two!
There is no security in this modern age!!

Tor does encrypt. Traffic to Tor network and within Tor network is encrypted, the only point when it is open is between the last Tor node and your destination. So your ISP doesn’t see the content of your message, and for the NSA it’ll take effort to do that and may not be feasible.

Nobody: Silent Circle has open-sourced a portion of their code, which is certainly an admirable contribution to the Open Source community, but for the purposes of Open Source style code review and security audits, it’s much too small a piece of the overall architecture for the community to a realistic security overview. OTOH, Silent Circle is certainly capable of paying for code review that would make their application stronger, and I’m sure they do. The model is different.

Alex N: Tor traffic encryption only serves the purpose of obscuring source and data within Tor nodes, and should be consider wholly insecure at relatively easy-to-find exit nodes. This is why saying “Tor is encrypted” is a danger to users.

Lainie: Oops! We’ve got some trailing punctuation in the link, will fix asap.

My message yesterday seems to have gotten eaten. But I do want to point out a couple of things.

First, if you’re going to encrypt, do it right. Encrypt everything (not just sensitive material), so that the use of security isn’t a red flag. Use as many different keys as you can, to minimize the use of cracking any one and making you a more expensive target, generally.

(Also, “codes” are usually better protection than “ciphers.” If you encipher explicit comments that’ll get you in trouble, you’re dead when the attacker cracks the key. If you’re vague and use codewords, you have deniability, even in plain text.)

Second, TOR’s utility is in the charity of its users, by drowning out your usage in the noise of many. But you only get that benefit by using your bandwidth to expand the network for everybody else, so try to avoid just using it as a service. And as mentioned, don’t use it for streaming or huge downloads. You’ll be very disappointed at the results and frustrate the people using it to survive. (I’ve maintained an exit node on the server I rent since before the Egyptian rebellion, so I may be biased.)

Second-plus, if you’re using TOR and have ever been offended at anything, you’ll probably want to stay away from most TOR hidden services. If you go to one, be aware that you’ll probably see something eventually that you’ll want to purge from your browser’s cache.

Third, following off the hidden services and hitting a space that Quinn didn’t touch, keep in mind that any active attempt to hide your identity in a transaction is considered money laundering, a felony in most jurisdictions. So paying for something with a secret BitCoin wallet (for example), if you’re caught doing anything else remotely illegal, is going to go badly for you. Likewise, remember the Computer Fraud and Abuse Act, which makes illegal acts on a network count many more times and much worse. Be careful, in other words, that anonymity doesn’t make you absurdly conspicuous.

For the very paranoid, you may also want to compare your SSL usage with projects like the EFF’s SSL Observatory every once in a while, which makes sure the Certificate Authority hasn’t been compromised. If it has (which happened to a few, a few years back, blamed on local governments), then they can tap into your communications. I think there’s a Firefox extension for it, but ran pretty slow, when I tried it.

It seems my posts are getting eaten away, so let me try again in chunks. Hopefully this won’t turn into a bunch of redundant posts by me.

Regarding encryption, if you’re going to encrypt, do it right. Encrypt everything (not just sensitive material), so that the use of security isn’t a red flag. Use as many different keys as you can, to minimize the use of cracking any one and making you a more expensive target, generally.

Also, “codes” are usually better protection than “ciphers.” If you encipher explicit comments that’ll get you in trouble, you’re dead when the attacker cracks the key. If you’re vague and use codewords, you have deniability, even in plain text.

Keep in mind that TOR’s utility is in the charity of its users, by drowning out your usage in the noise of many. But you only get that benefit by using your bandwidth to expand the network for everybody else, so try to avoid just using it as a service. And as mentioned, don’t use it for streaming or huge downloads. You’ll be very disappointed at the results and frustrate the people using it to survive.

I’ve maintained an exit node on the server I rent since before the Egyptian rebellion, so I may be biased.

Also, if you’re using TOR and have…ever been offended at anything, you’ll probably want to stay away from most TOR hidden services. If you go to one (The Silk Road is sort of a flea market for drugs, for example), be aware that you’ll probably see something eventually that you’ll want to purge from your browser’s cache.

Following off the hidden services and hitting a space that Quinn didn’t get to, keep in mind that any active attempt to hide your identity in a financial transaction is generally considered money laundering, a felony in most jurisdictions. So paying for something with a secret, secondary BitCoin wallet, if you’re caught doing anything else remotely illegal, is going to go badly for you.

(Protecting your payment information from the vendor is fine. Hiding your tracks is the point where most governments get interested, as I understand it.)

Likewise, remember the Computer Fraud and Abuse Act, which makes illegal acts on a network count many more times and much worse. Be careful, in other words, that anonymity doesn’t make you absurdly conspicuous. If you make a big enough mess, someone will find you.

Be careful not to go too far on privacy, though. If you’re doing anything remotely illegal, check the CFAA and money laundering definitions, since those compound crimes to a scary degree.

Also, consider distributed services. Facebook is an easy target. Diaspora may never be as popular and may never be as advanced, but it’d be very difficult to get all the data, because each server (which might be your own) manages its own piece of the database. To acquire everything, you’d need to get buy-in from everybody.

Lastly, for the very paranoid, you may also want to compare your SSL usage with projects like the EFF’s SSL Observatory every once in a while, which makes sure the Certificate Authority hasn’t been compromised. If it has (which happened to a few, a few years back, blamed on local governments), then they can tap into your communications.

I think there’s a Firefox extension for it, but ran pretty slow, when I tried it. However, you shouldn’t trust SSL or HTTPS if you can’t trust the certificate.

I’ve recently launched https://messagecloud.me - a way to chat privately & securely online! All messages are heavily encrypted, and along with many more security measures it provides a safe way to communicate in these days of cyber-snooping. Best of all, the site is completely PRISM-proof, and you could go as far as to call it an anti-social network!

The compromise doesn’t mean that one-on-one chats were exposed, but the coding errors and erratic implementation of security protocols means that Cryptocat is still a learning project for its creators. It’s great for an independent project, but it seems irresponsible to espouse it as the top tool for journalists to use to communicate with top secret sources. You should at least be responsible and include this information in an update and let readers judge for themselves.

Safeguard the public interest

Republish This Story for Free

Thank you for your interest in republishing the story. You are are free republish it so long as you do the following:

You can’t edit our material, except to reflect relative changes in time, location and editorial style. (For example, "yesterday" can be changed to "last week," and "Portland, Ore." to "Portland" or "here.")

If you’re republishing online, you have link to us and to include all of the links from our story, as well as our PixelPing tag.

You can’t sell our material separately.

It’s okay to put our stories on pages with ads, but not ads specifically sold against our stories.

You can’t republish our material wholesale, or automatically; you need to select stories to be republished individually.